So, why not mention the obvious, Sir Tim?
Posted 15 September 2008
Sir Tim (Berners-Lee) is worried about the spread of dis-information on his internet; good for him and the Beeb for bringing it up. They cite Large Hadron Collider rumours and MMR scares, laudably but they don't mention (suspiciously) the obvious - anthropogenic global warming!
It's a start, which I certainly welcome, if a little careless.Could do better Sir Tim and you could, while you are at it, fix the insecure nightmare that the internet has become or is that just more dis-information?
All hail VirtualBox and its creators.
Posted 16 April 2008
Innotek (now owned by Sun) have a product of enormous importance and significance. I have no doubt that VMware and other virtualization software shares some or all of VirtualBox's capabilities but surely they can't all be this easy.
I am talking about the USB capabilities of the closed source, but still free, version 1.5.6. The virtual machine can talk directly to the host's USB ports allowing you to install on XP (for example) the manufacturer's XP drivers for printers and scanners and anything else!
Download a copy of the closed source version appropriate to your distribution (also download the easy to follow manual). Run the necessary installer. Run VirtualBox and set up the basic environment for the operating system/s you want.
To set up USB and filters first run 'VBoxManage list usbhost' from a terminal to get the appropriate IDs, although this can also be done from within the machine menu hierarchy (doesn't seem to give as much specificity here). You will need to have the device attached and switched at this point (I eventaully realised). Under 'Settings/USB' add each device you need and fill in the details. And away you go.
Start the machine, install your client OS and install the drivers at the appropriate time.
I could use my printer but I couldn't use its full capabilities or manage its resources from Linux and I couldn't use my scanner at all. Now, using a folder shared between client and host, I can print in a linux app. to PDF or some other compatible format; open the very fast virtual XP machine and print it, perfectly. I can scan in XP, save to shared folder and use it imediately in Linux.
Brilliant, thank you Innotek. Now all I need to be able to ditch the Windows box is the ability to talk directly to PCI devices. Of course I have had to install a fully licensed XP in the virtual box to acheive all of this this. I have not had to take advantage of the fascinating post I stumbled across called something like - 'How to bypass WPA (Windows Activation) on Windows XP. - by FittMunken'.
addendum:
and even if I had followed Fittmunken's advice, it does not work (alledgedly); after 30 days time is still up. I imagine though that if I take advantage of VirtualBoxManage's ability to offset the virtual machine's clock, the problem will go away ;)
Tux 1 - 0 Beastie
Posted 4 April 2008
I suppose I should continue my public self-flagellation and report progress on the software installation front.
Linux is winning on the desktop at the moment but only after a graphics card swap and DVI/VGA cable swap. The hardware change would, most likely have solved my problems with whatever OS I had installed but the OS of the moment is PCLinuxOS 2007 (gnome version - KDE is too bloated and Windoze-like for my liking). 2008 is now available but repository updates to 2007 amount to the same thing, I'm told.
PCLinuxOS is based on Mandrake but is slimmer and faster and cleverer, in my experience. Having swapped graphics cards from ATI (curse them) to Nvidia (bless them), I had to uninstall all flgrx and ATI drivers to make sure there would be no confusion and conflicts. Then the dreaded reboot and expected xorg.conf manual command line tweaking to get going again. But, no my fellow geeks PClinuxOS, unpromted, stepped into the breach, recognised the problem and presented a very helpful utility to guide through the repair and installed all the necessary new drivers.
It just worked. I now have a shiny new PCLinuxOS (Gnome) desktop running Compiz beautifully with all its wibbly-wobbly, rotating cube, event effects bling bringing a flush of green to the gills of Apple Mac worshippers everywhere.
So I have a windoze box up and running a couple bits of hardware Linux and FreeBSD won't drive, a FreeBSD server and a PCLinuxOS main desktop. Just got to get them talking to each other now!
FreeBSD - et tu bruté
Posted 13 March 2008
OK I wrote a couple weeks ago, with some enthusiasm, about my upcoming FreeBSD experiment.
As I say in the original piece, I did quite some research and I have many years experience with this kind of thing and after a couple silly mistakes, I did indeed have Beasty up and running. I even had X configured for my esoteric wide-screen and flaky graphics card with Fluxbox installed and Firefox surfing happily.
Unfortunately, I failed to set up a software raid for my '/home' partition and caused a crash and when FreeBSD crashes it does it in style. I also crashed it trying to cp (copy) from a EXT3 Linux drive to my new home folder. If you scroll down to the last line in the manual page for copy, you will see why. When FreeBSD crashes (7.0-RELEASE on my hardware - standard install) it starts a never ending cycle of file system checks, file dumps and reboots that really do seem never to have any hope of ending. I left it going for more than 6 hours once before trashing the system and re-installing. each re-boot cycle was taking 6 to 15 minutes.
I reinstalled from scratch at least 6 times and after finally getting everything as I wanted it and re-booting normally it erroneously claimed that '/home' had not been correctly dismounted and proceeded to go through the interminable cycle again. ENOUGH! The towel slapped soggily into the ring with a snotty thud.
I had also by now tried and failed to install DesktopBSD on another machine but it no-likey its graphics hardware. To be honest only one version of Ubuntu and Mint ever did like that machine. At this moment I have only one machine working properly (woe is me) - a fecking Windoze box!
Where to now? I have started trying to install Linux distributions, one after the other, from magazine covers on the most difficult box with no success so far. Ubuntu/Xubuntu/Mint and maybe Suse should work; I'll let you know. It has not all been in vain because those FreeBSD installs taught me much, as did my preliminary research. I have more confidence that I can solve the Linux networking problems and will enjoy getting under the hood. I am frustrated by the Beasty. It seems to me that a system designed to reliably run servers should not crash when attempting to copy files, no matter how corrupt the file system. It should not forget to do something during a legitimate reboot that corrupts a partition and when it attempts to repair any damage it should indicate what, why, how and if when it is doing it.
addendum:
For all you innocents who stumbled on my blog while Googling for FreeBSD, I should just not that the 'final straw' above was my own fault. A little further reading of the excellent manual revealed that despite advice to the contrary (found via Google), 'reboot' is NOT and alias for 'shutdown -r now' in BSD. It does not cause all the proper termination sgnals to be sent. This means that on rebooting the system will find file system errors. ALWAYS USE the 'shutdown' command stoopid!
FreeBSD will save me, surely
Posted 22 February 2008
I have been a Linux hobbyist for many years. I have installed many Linux distributions on dedicated machines or dual-booted with Windoze.
I have seen and been honoured to lay my hands on a Mac (OS X) and thought it was pretty, if a little flimsy. For a couple of years my main desktop OS of choice has been Ubuntu (for the last 6 months the Minty derived fork). Over the years I have been almost as frustrated with RedHat, SUSE, Mandriva and Ubuntu as I have been with the MS beast.
The trouble with Open Source is that there is no commercial motive to support it, on the part of hardware manufactures; why should they? The Open Source movement produces great software that runs a great deal of the world's modern communications and PCs but it is primarily driven by people who don't 'play' with computers. The volunteers and others who work on the Linux kernel, for example, want reliable security systems and databases and highly technical projects to work. They don't care about the frilly stuff most people use desktop PCs for.
Thus: Linux, Unix, Wine etc are always a half-year or many years behind because they can never support all the hardware that the commercial boys and girls can. Trying to persuade more hardware makers to cooperate is laudable but always ultimately doomed, if there's no profit in it. Unifying hardware standards so that manufacturers were compelled to make driver interfaces easy to implement would help but won't happen.
The current well documented miserable failings of MS's Vista are helping push a few more people to a Compiz enabled KDE/Gnome environment but only those willing to spend a lot of time and money making careful hardware choices aimed at a specific alternative to MS.
There are millions of people like me with hardware, at least three years old with no intention of replacing it until it breaks, that want to use it in a modern, secure and reliable software environment. We won't be buying Vista or its successor. So where does that leave me?
I have been using Linux Mint for about six months and everything worked straight out of the box (on a machine built by me for Linux) and it is still fine, if a little slower than it was on day one but:
I still can't unravel the mess that is local networking. Something always goes wrong and has on every version of Linux I have used. It is an arcane black art, which has never been fully documented in any easily accessible form, after years of searching. In addition to my minty desktop PC, I have a Windoze box solely for making full use of a high quality sound device and making full use of my printer and scanner. I also have a specially built box stuffed with storage that should be a file server, internet gateway and (just for fun) domain controller but I have never had them all talking to each other properly.
What am I going to do about it? Install FreeBSD. I have gone back to basics, recalling undergraduate days in front of a Unix workstation, and read extensively about the forthcoming 7 release of FreeBSD, which I did briefly install a couple of years ago on my underused server (version 5, I think). I am still reading the 1000 page 'Handbook' and am plowing through 'FreeBSD 6 unleashed' ready for the big day.
I have realised that relying on the Linux distribution makers or Microsoft to look after my welfare is folly. I have to take control and responsibility for my hardware by installing a system I will have to make an effort to understand. The time I take to do that will save me many headaches in the future, I hope! It will be no walk in the park but my reading so far assures me that it is not that hard, just short-term time consuming.
I will still have to keep my XP machine until a miracle happens but that is OK. My successfully set up server will help protect it from itself and the stupidity and carelessness of the Redmond ne'er-do-wells.
Meyer refines CSS global reset
Posted 18 February 2008
Eric Meyer has been a champion of the global reset solution to some browser inconstancy problems for some time now. His latest version, which I recommend all page developers use, is now on a dedicated page at meyerweb.
If you are new to (X)HTML and CSS or if you have been burying your head in the sand for a decade, you will not understand the need for a global CSS reset. Meyer explains all on his site but if by some miracle of googlonics you come here first, I'll waffle a little on the subject here.
Not all browsers are born equal and not all browsers are Internet Explorer, which may come as a surprise to some of you. If it does, I recommend you go to Mozilla's Firefox site and download a more secure, more standards compatible and more extensible browser right now!
Browser developers have over the years, with varying degrees of success, failed miserably to fully and reliably implement all of the W3C's HTML and CSS definitions in their page rendering engines. Originally this was because they simply did not care. They were too busy competing with one another with non-standard HTML capabilities that they all but ignored the specifications. More recently they, some faster and more effectively than others, have started to smell the coffee.
However, none of them get it completely right, not least in how they apply CSS to a page element where no CSS is defined for the page. i.e. where you haven't specified a value. Some apply defaults correctly according to W3C specifications, while others don't. The only way to be sure that every element on the page behaves from scratch in a predictable way, across all browsers, is to include a style sheet with all elements actively set to a particular value. You can then confidently fiddle with the CSS knowing that the remaining browser differences are not caused by hidden default values being randomly applied.
So copy the reset CSS from Meyer's page and put it at the top of your site's main CSS file or @import it. Then apply specific styles as you normally would confident that anything you don't style will behave consistently across browsers.
Search Engine Optimisation (SEO), and other fairie stories
Posted 14 June 2007
I’ve been reading a lot of online advice on SEO and wondered what is really going on. I’ve concluded that it is laziness mixed with a dose of get-rich-quick-with-no-effortness. Let me explain.
In the ‘good old days’ when we had proper high streets with local shops for local people, we knew they existed and what they sold and we did not need to search for them. Sometimes we needed goods or services that were not available on our local high street. This is when things got complicated.
We might know somebody else who had purchased the same goods or services from somewhere-else-ville and we trusted them, so off we would trot (literally, in our carriage) and spend a couple nights in another county fetching the stuff. We would take cash from under the hay bale and Bob might be your uncle/father/brother.
If we did not know somebody else we might have seen a poster or a notice in the church or it is just possible that we heard about it on the wireless at last month’s bash at the village hall. We might all have stared at the horseless waggon with the bright sign on its side when it got lost and passed through the village last May (by the skin of its teeth).
So what’s my point? Advertising is how all traditional business gets noticed and why should that be different for online businesses? There are millions of web sites and maybe hundreds or thousands of people out there trying to compete with you. How on earth can you expect your page to get listed at the top of a search engine query for free???
My advice:
you get what you pay for, so stop wasting money on SEO and advertise in other media at what ever level is relevant to your business. If you can’t afford to do that, leave it to those who can and find another business. Don’t forget to include your URL in the advert!
Safari on Windoze!
Posted 12 June 2007
Now that is news: safari now on windows. Hopefully, from a web developers point of view it will render sites exactly as it does on the Mac. This will allow windows developers to test sites without needing a Mac. Hopefully, this will not dawn on Apple who might be hoping to lure users away from the big-lazy.
If you are viewing this site on windoze IE pre version 7, you are just inviting horror into your world. Update to IE7 or use a real browser instead. Firefox, Mozilla and Opera come to mind and now Safari ,maybe (wait for it to be fully tested by the web community before you take the plunge).
Tip for new web developers: design and test sites on Firefox and/or Opera then put your hard work through the blender to make it work on IE. Don’t do it the other way round; the ‘real’ browsers follow the XHTML/CSS specifications far more closely than IE does and IE makes too much (dumbed down) effort to accommodate your mistakes.
edit: proxy server use crashes safari (waiting for beta2)
update January 2008
Have now installed Beta 4 and proxy server issue has been resolved and from what I have read I understand glaring security issues have been addressed too. I will put up a new post about its rendering reliability sometime before I die.
Online Shopping
Posted 1 June 2007
originally published elsewhere at another time
Things below get a bit technical for a while but I recommend you stick with it because there is no point deciding to follow the advice at the bottom of the page if you haven’t followed the advice at the top. Remember, to read extensivly on this subject because things change all the time and this site does not.
Do not carry out any online financial transaction unless you are sure the link and your computer are secure, and your computer is not infested with viruses, trojans or spyware. The first thing to do is INSTALL A FIREWALL. Firewalls come in two basic flavours: hardware and software. They both try to do the same job, which is keep intruders off your machine and prevent malicious software operating from inside your machine.
Malicious software (Malware) comes in many flavours and there is more below about how to prevent it getting on your computer in the first place. This is software, which has come to be on your machine for whatever reason that has bad intentions. It may do everything from share your surfing history with 3rd party organisations to copy your user-names, passwords, personal and banking details.
What do firewalls do? Computers connected on a network (includes Internet, WEB, Email etc) communicate using a set of protocols that allow sending and receiving machines to recognize each other and to make sense of the jumble of binary data flying between them. Each software package on your computer that is designed to access a network understands these protocols. This includes knowing, for example, that a packet of binary data intended for it will ‘announce’ itself to the computer that it is arriving on a particular ‘port’, and the software will tell the operating system or application that the data belongs to it. Included with each collection of data is information about how it is encoded, where in a larger stream of data it belongs, how it should be treated by the receiving computer and the data itself. Malware can hijack this process by intercepting data intended for other software or by communicating on the network using ‘hidden’ unused packet destinations (’ports’), which your computer thinks are being used legitimately. Firewalls control access through these ports. You tell the hardware or software which ports can be used and which software can use them.
If you are part of a network or have the money, time and courage to set up your own at home, each machine can be connected to the outside world via a hardware firewall (wired or wireless). This is also true for single machines with ‘broadband’ internet connections. In every single case, whatever your ISP tells you, you will be far safer using a hardware firewall/router than a ‘free broadband modem’. It is also true that setting these up is not difficult and although you may loose expensive telephone support because you are not using supplied hardware, your computer will be safer, and it will probably work better. Software firewalls are second best but if you keep them up to date you should also be safe. There is some debate about whether the two should be combined but it seems unlikely that a software firewall will be any more than a hinderance on a computer connected to a well set up hardware firewall.
You must also install anti-virus software and keep it up to date. This IS NOT THE SAME AS A FIREWALL and is equally vital. Anti-virus software prevents certain types of malware installing themselves and/or running on your computer. They work by recognising the ’signature’ of known viruses and stopping all at-risk operations on detection. Some anti-virus software can also recognise virus type activity by new viruses it doesn’t know about, but this sometimes can prevent legitimate software running (better safe than sorry though). New viruses are being designed and spread every day and your anti-virus software has to be told how to recognise them. To do this you must use the software’s update process at least once a week, or by setting it to update automatically whenever it needs to when you are online.
There are other types of malware that anti-virus software will not detect and you SHOULD INSTALL software to detect and remove it. This is generally referred to as Spyware. This type of malware detector/remover/cleaner also has to be updated regularly to be of any use. They often have to be explicitly run to look for intrusions so this should be done daily before you access any network.
Some software vendors supply packages that do all of the above. They claim to operate as firewalls and virus/spyware detectors/removers. These also have to be maintained. If your new computer comes with this software pre-installed you are NOT AUTOMATICALLY SAFE. The very first thing you must do with a new computer is update all of this software because while it has been sitting in the factory or warehouse or travelling in the post to you, it’s virus/malware signature files have become out of date.
Not all operating systems are created equal. Microsoft Windows is notoriously insecure (especially its bundled web browser, Internet Explore - certainly pre IE7), which is largely because of how it handles permissions to store data on your computer. This is true with XP just as it was in the days of MSDOS before Windows. However, if you want to run most software in the market place and most hardware you want to connect to it, you don’t have much choice yet. You can mitigate against this weakness by regularly visiting Microsoft’s update sites and keeping your computer up to date. Also read the computer media for security news regularly. Other operating systems exist such as that supplied on the Mac, and Linux, which is free. It is possible to carry out all computer operations using Linux but some distributions can still be slighlty more complicated to set up and not all peripherals are supported. This will change in the near future so keep an eye open for the approaching breach in the extremely damaging Microsoft monopoly. You may not be aware that most of the internet already runs on Linux based computers.
Some ISPs are better than others at protecting your computer’s security. In order to avoid litigation I will not name names here but see the links below. I reccommend searching internet forums, when considering an ISP, for opinions of current users.
There are many commercial and free software packages available covering all the requirements above. These can be downloaded from the internet but this is not wise until you are confident your computer is secure, and you are sure of the source. Other good sources are the CDs and DVDs stuck to the front of magazines.
Once you are happy with all of the above there are a few other precautions you must take before shopping and banking online. Keep your browser (Mozilla, Firefox,Internet Explorer, Netscape Navigator, Safari etc) up to date with all security patches. Read the help pages and understand their security settings and set them accordingly. Do not assume that they come pre-set with your best interests in mind, they rarely do.
You will at some stage have to choose where your own risk threshold lies just as you do when you purchase by telephone or mail order. At the moment there are few standards for how companies and other organisations handle your security. There are times when this means you have to decide what is safe and what isn’t. There are some simple rules: CARRY OUT ALL ONLINE BANKING TRANSACTIONS with your browser set at its most secure level. Never type any information onto a banking web page that does not have an address beginning https:// (note the S), and which is not displaying the secure padlock icon or its equivalent on your browser. This is true when setting up your online banking service and all other transactions with your bank involving the exchange of personal details. NEVER NEVER EVER click on a link on an email claiming to be from your bank, which leads to a link asking for any personal/banking details whatsoever. Only use the known www.mybank.co.uk address that you know about. It is a good idea always to type this address into your browser and not to save it in ‘Favorites’. All of this is also vital when entering credit/debit card details on commercial site web pages but there are some things to bear in mind here. I don’t recommend you use a company that doesn’t allow you to choose a separate delivery address. It can be extremely inconvenient if they insist on only delivering to the address associated with your credit/debit card.
Some online suppliers will give you the opportunity to register first. You supply all your personal details and they are stored on the company’s secure servers so that you don’t have to re-enter them every time you buy something. You will choose or be issued with a user name and password for future access, usually by an email process. This is a good idea provided you are confident in the organisation and that at all stages of registration the browser is conncected to an https:// address with the secure padlock icon on show. I mean ALL stages! If you are going to allow an organisation to store your details remotely it is no use if you are transmitting some of those details insecurely. Some sites will ask for your name and address insecurely before linking to a secure page for your credit/debit card information. This is also true during the purchase process on sites where you haven’t pre-registered. This is one of those risk-threshold decisions. So long as you are confident that your insecure details can never be married up with the credit/debit/banking details you should be OK, but there is a risk. There is also a risk when you hand your card over in a shop or use the telephone so regularly check your card transactions online. This is one of the major security benefits of online banking. You can check your card transactions as often as you like and spot suspicious entries long before you would otherwise.
The https:// and secure padlock icon rules above are sometimes blurred. This is because some organisations still use the secure https:// protocols and the appropriate browser settings but they use ‘popup’ windows, which don’t display the web address or the padlock icon. These sites usually have a link explaining the details of the security used but I only recommend using them if you find this explanation satifactory and you are confident in the organisation because of who they are. All web sites expecting your trust should make it easy for you to see that the process is secure. If these organisations/companies lose out on your business because they don’t, they will soon change their websites.
Having secured your computer on a network with a good ISP, running a reliable up to date operating system, with browser settings set to secure, on a website with an https:// address for all secure transactions what else matters when you are shopping online? How well does the service compare with any other type of shopping? Are items ‘in stock’ really in stock? Are they despatched immediately and do you have a choice of delivery options? I want my online shopping experience to be as close to walking into a shop and walking out with the goods as possible. This means that stock has to be genuinely held and despatch and posting arrangements have to be quick and secure. This should also be true of returns policies and arrangements; after all, you haven’t had a chance to see before you buy. In the UK you are protected by law. Don’t be impressed by 7 day money back, no questions asked guarantees. They have no choice; it’s the law. Remember also that for purchases over £100 you have credit card purchase protection (here in the UK certainly). Most importantly you have exactly the same consumer rights as you have in a shop. The goods must be as described, fit for purpose (and this is not limited to 12 month guarantee periods) and be in working order; or they must refund your money or depending on how much time has passed, repair or replace. Be suspicious of any website asking you to agree before purchase that all faults be referred to the original manufacturers for some obscure reason. This is of dubious legality, so buy somewhere else!
Also, avoid suppliers who don’t allow you to reliably track the status of your order online, and which pro-actively keep you informed by email at all stages of the process. Complain to your credit card company if any charges are made before goods are despatched.
The Ebay online auction site is an excellent resource but buyer beware, and seller be careful! Only ever buy or sell through the normal Ebay processes on the website pages. Always check feedback of sellers and buyers carefully, especially if you are buying by direct credit card purchase rather than ‘PayPal’. Set up a PayPal account in advance and you won’t have to give your details to anybody else. If a seller doesn’t accept PayPal and you want to use it, buy somewhere else! If you are selling, post accurate photographs and descriptions and always insist on sending by a secure and trackable method of posting, which will be added to the auction charge. Make this clear on your auction pages. Never despatch goods before payment is received by whatever method you have agreed. Again, if you insist on payment by PayPal you can reduce your risk but you have to take all charges into account when deciding a reserve.
I have no hesitation in recommending RS (or Radiospares as they used to known) as an example of exactly how to provide a high quality distance selling service. Have a look around their site to see how it works. Everything is reliably secure and meets all the requirements of a good online retailer/wholesaler. They probably do it so well because they have always been distance sellers. There is no difference between providing a good catalogue based mail-order/telephone system and an online version, except that the online version, when well designed, should be a little easier to use than mail-order.
